hack

According to a recent survey, the average cost estimate for cleaning up a cyberattack comes in at around £850,000.

But this is actually a conservative estimate: For those organisations that actually calculate (versus estimate) the real cost of an attack, that number increases significantly to £1.3 million.

How is this calculated and what does it entail? According to the survey:

“Quantifiable monetary losses can be directly tied to the aftermath of cyberattacks in lost revenue, unexpected budget expenditures and drops in stock values,” according to the report. “Protracted repercussions are most likely to emerge as a result of negative customer experiences, damage to brand reputation and loss of customers.”

This doesn't even include the actual costs of repairing the damage and updating existing systems to prevent future incidents.

At Wintercorn we've seen companies large and small suffer an attack because they simply didn't know they were being attacked and didn't know what to do until it was too late. They had no IDS (Intrusion Detection Systems) operating, they had no named person responsible for their website and they didn't bother with updates because "we're not very good with computers".

Some even hosted their corporate websites on $5 per month shared servers with thousands of other sites. This is actually one of the most common routes to an attack and one of the most dangerous to your website, data and brand.

Security researchers have demonstrated how e-cigarettes can easily be modified into tools to hack computers. With only minor modifications, the vape pen can be used by attackers to compromise the computers they are connected to - even if it seems just like they are charging.

Giving a presentation at BSides London, Ross Bevington showed how an e-cigarette could be used to attack a computer by fooling the computer to believe it was a keyboard or by tampering with its network traffic.

In the wee hours of Wednesday morning, a host of prominent Twitter accounts were compromised and, as a result, began spouting swastika-laden propaganda in support of Turkey's president Recep Erdoğan ahead of a referendum next month which could consolidate his power. So now's a good time to check your own accounts and make sure you close the backdoor that let this happen to other people.

Recently security consultanct Brian Krebs' website was hit with a giant Distributed Denial of Service attack designed to take his website offline and disrupt his work.

The botnet was made up of nearly 400,000 benign devices such as CCTV camers, video recorders and routers which were all internet connected as part of the 'Internet of Things' (IoT) and used weak passwords such as 12345, admin and password to bombard the site with 665 Gigabits of traffic per second beating the previous record of 363 Gbps.

This is entirely the fault of the device manufacturers who don't enforce stronger passwords or hard-code the default passwords in to the device making it unable to be changed.

Yahoo says "state-sponsored" hackers stole information from about 500 million users in what appears to be the largest publicly disclosed cyber-breach in history. The breach included swathes of personal information, including names and emails, as well as “unencrypted security questions and answers”. The hack took place in 2014 but has only now been made public.

The data taken includes names, email addresses, telephone numbers, dates of birth and encrypted passwords, but not credit card data, Yahoo said.

The UK’s National Crime Agency (NCA) has issued a warning to UK online banking consumers to guard against the possibility of having been infected by the Dridex malware, also known as Cridex and Bugat, stating that there could be ‘thousands of infected computers’ in the UK. The NCA are joining with the FBI in the United States to ‘sinkhole’ the botnet which is responsible for the spread of the malware. The report indicates that Windows users are the primary targets of the attacks.

The Dridex malware is a new strain of the Cridex breed, and infects users via macro actions which launch when opening infected documents which are often sent as spam emails about invoices, parcel delivery notes and fake banking alerts.